Security is a major concern for many Internet services and applications. Users of social networking websites want to be sure that their private data remains private. Customers using online retailers wish to be assured that their financial information will not be stolen by malicious actors. Organizations require that their sensitive internal data will not be exposed to outsiders while the data is traveling to or from remote servers.
Cryptographic protocols, such as SECURE SOCKET LAYER (SSL) and TRANSPORT LAYER SECURITY (TLS), offer security for data sent over the Internet. SSL, TLS, and similar protocols encrypt messages sent between servers and clients, reducing the risk that any malicious third party who intercepts the message will be able to extract valuable data. However, such encryption comes at the cost of higher processing power and increased server load. The more complex the cipher, the safer the encrypted message may be, but also, the higher the potential burden on system resources.
Traditional systems for selecting ciphers may choose the first cipher in a list of ciphers on a server that matches a cipher in a list of ciphers sent by a client making a request of that server. This may be the most secure cipher but may require more processing power than the server has available. Some traditional systems may slow down or even refuse connections from the server when processing a high number of requests that use complex ciphers. In some cases, the ciphers selected by traditional systems may be more complex than necessary to ensure the safety of the message. Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for selecting ciphers.